7 matches found

Snyk
added 2026/04/23 12:0 a.m., 2 views

Missing Authorization

Overview: Affected versions of this package are vulnerable to Missing Authorization causing web security to be ineffective and allowing unauthorized access to all endpoints. Note: This is only exploitable if the following conditions are met: - the application is servlet-based; - the application ha...

CVSS 9.3, AI score 5.4, EPSS 0.00413
Exploits: 0, References: 2
Tenable Nessus
added 2026/03/03 12:0 a.m., 5 views

TencentOS Server 4: curl (TSSA-2026:0101)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0101 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVSS 6.3, AI score 6.7, EPSS 0.00629
Exploits: 3, References: 6
OSV
added 2026/01/23 12:22 p.m., 5 views

OESA-2026-1192 curl security update

cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an...

CVSS 5.3, AI score 5.6, EPSS 0.00629
Exploits: 3, References: 5
Cvelist
added 2025/09/15 12:0 a.m., 7 views

CVE-2025-50944

An issue was discovered in the method push.lite.avtech.com.MySSLSocketFactoryNew.checkServerTrusted in AVTECH EagleEyes 2.0.0. The custom X509TrustManager used in checkServerTrusted only checks the certificate's expiration date, skipping proper TLS chain validation...

EPSS 0.00247
Exploits: 3, References: 2
Github Security Blog
added 2025/09/09 8:42 p.m., 17 views

listmonk: CSRF to XSS Chain can Lead to Admin Account Takeover

Summary: Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated. With a little help of social engineering such as sending a link via email or chat, an attacker may trick the users of a web...

CVSS 8.6, AI score 6.5, EPSS 0.00127
Exploits: 1, References: 3, Affected Software: 1
OSV
added 2025/06/18 11:3 a.m., 3 views

CVE-2022-50212 netfilter: nf_tables: do not allow CHAIN_ID to refer to another table

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not allow CHAIN_ID to refer to another table. When doing lookups for chains on the same batch by using its ID, a chain from a different table can be used. If a rule is added to a table but refers to a chain ...

CVSS 7.8, AI score 5.7, EPSS 0.00188
Exploits: 0, References: 8
OSV
added 2025/04/28 8:15 a.m., 3 views

UBUNTU-CVE-2025-22235

EndpointRequest.to creates a matcher for null/ if the actuator endpoint, for which the EndpointRequest has been created, is disabled or not exposed. Your application may be affected by this if all the following conditions are met: You use Spring Security; EndpointRequest.to has been used in a Spri...

CVSS 7.3, AI score 7, EPSS 0.00358
Exploits: 0, References: 3